CVE-2022-49581 (GCVE-0-2022-49581)

Vulnerability from cvelistv5 – Published: 2025-02-26 02:23 – Updated: 2026-05-11 19:02
VLAI
Title
be2net: Fix buffer overflow in be_get_module_eeprom
Summary
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in be_get_module_eeprom be_cmd_read_port_transceiver_data assumes that it is given a buffer that is at least PAGE_DATA_LEN long, or twice that if the module supports SFF 8472. However, this is not always the case. Fix this by passing the desired offset and length to be_cmd_read_port_transceiver_data so that we only copy the bytes once.
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9 (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < fe4473fc7940f14c4a12db873b9729134c212654 (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < 8ff4f9df73e5c551a72ee6034886c17e8de6596d (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < a8569f76df7ec5b4b51155c57523a0b356db5741 (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < 665cbe91de2f7c97c51ca8fce39aae26477c1948 (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < 18043da94c023f3ef09c15017bdb04e8f695ef10 (git)
Affected: e36edd9d26cf257511548edaf2b7a56eb4fed854 , < d7241f679a59cfe27f92cb5c6272cb429fb1f7ec (git)
Create a notification for this product.
Linux Linux Affected: 3.18
Unaffected: 0 , < 3.18 (semver)
Unaffected: 4.9.325 , ≤ 4.9.* (semver)
Unaffected: 4.14.290 , ≤ 4.14.* (semver)
Unaffected: 4.19.254 , ≤ 4.19.* (semver)
Unaffected: 5.4.208 , ≤ 5.4.* (semver)
Unaffected: 5.10.134 , ≤ 5.10.* (semver)
Unaffected: 5.15.58 , ≤ 5.15.* (semver)
Unaffected: 5.18.15 , ≤ 5.18.* (semver)
Unaffected: 5.19 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/emulex/benet/be_cmds.c",
            "drivers/net/ethernet/emulex/benet/be_cmds.h",
            "drivers/net/ethernet/emulex/benet/be_ethtool.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "fe4473fc7940f14c4a12db873b9729134c212654",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "8ff4f9df73e5c551a72ee6034886c17e8de6596d",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "a8569f76df7ec5b4b51155c57523a0b356db5741",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "665cbe91de2f7c97c51ca8fce39aae26477c1948",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "18043da94c023f3ef09c15017bdb04e8f695ef10",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            },
            {
              "lessThan": "d7241f679a59cfe27f92cb5c6272cb429fb1f7ec",
              "status": "affected",
              "version": "e36edd9d26cf257511548edaf2b7a56eb4fed854",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/emulex/benet/be_cmds.c",
            "drivers/net/ethernet/emulex/benet/be_cmds.h",
            "drivers/net/ethernet/emulex/benet/be_ethtool.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.18"
            },
            {
              "lessThan": "3.18",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.325",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.254",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.208",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.134",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.58",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.325",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.290",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.254",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.208",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.134",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.58",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18.15",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19",
                  "versionStartIncluding": "3.18",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: Fix buffer overflow in be_get_module_eeprom\n\nbe_cmd_read_port_transceiver_data assumes that it is given a buffer that\nis at least PAGE_DATA_LEN long, or twice that if the module supports SFF\n8472. However, this is not always the case.\n\nFix this by passing the desired offset and length to\nbe_cmd_read_port_transceiver_data so that we only copy the bytes once."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T19:02:42.958Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/fe4473fc7940f14c4a12db873b9729134c212654"
        },
        {
          "url": "https://git.kernel.org/stable/c/8ff4f9df73e5c551a72ee6034886c17e8de6596d"
        },
        {
          "url": "https://git.kernel.org/stable/c/a8569f76df7ec5b4b51155c57523a0b356db5741"
        },
        {
          "url": "https://git.kernel.org/stable/c/665cbe91de2f7c97c51ca8fce39aae26477c1948"
        },
        {
          "url": "https://git.kernel.org/stable/c/aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f"
        },
        {
          "url": "https://git.kernel.org/stable/c/18043da94c023f3ef09c15017bdb04e8f695ef10"
        },
        {
          "url": "https://git.kernel.org/stable/c/d7241f679a59cfe27f92cb5c6272cb429fb1f7ec"
        }
      ],
      "title": "be2net: Fix buffer overflow in be_get_module_eeprom",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49581",
    "datePublished": "2025-02-26T02:23:19.148Z",
    "dateReserved": "2025-02-26T02:21:30.412Z",
    "dateUpdated": "2026-05-11T19:02:42.958Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-49581",
      "date": "2026-05-27",
      "epss": "0.00014",
      "percentile": "0.02927"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-49581\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-26T07:01:33.703\",\"lastModified\":\"2025-10-22T19:10:40.997\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nbe2net: Fix buffer overflow in be_get_module_eeprom\\n\\nbe_cmd_read_port_transceiver_data assumes that it is given a buffer that\\nis at least PAGE_DATA_LEN long, or twice that if the module supports SFF\\n8472. However, this is not always the case.\\n\\nFix this by passing the desired offset and length to\\nbe_cmd_read_port_transceiver_data so that we only copy the bytes once.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: be2net: Se ha corregido el desbordamiento del b\u00fafer en be_get_module_eeprom be_cmd_read_port_transceiver_data asume que se le proporciona un b\u00fafer que tiene al menos una longitud de PAGE_DATA_LEN, o el doble si el m\u00f3dulo admite SFF 8472. Sin embargo, este no siempre es el caso. Corrija esto pasando el desplazamiento y la longitud deseados a be_cmd_read_port_transceiver_data para que solo copiemos los bytes una vez.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.18\",\"versionEndExcluding\":\"4.9.325\",\"matchCriteriaId\":\"258FC9E8-E811-4F26-8995-50FC2D38C3C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.290\",\"matchCriteriaId\":\"1F023E37-5DAE-491D-9971-00FC089E8C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.254\",\"matchCriteriaId\":\"56D38C39-4EB7-48A7-85D3-D4854AC7B3E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.208\",\"matchCriteriaId\":\"58A5EC97-5FF0-4B0A-8074-2A5A57644D59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.134\",\"matchCriteriaId\":\"4B697B47-6B36-47E0-95DC-054EC4633DEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.58\",\"matchCriteriaId\":\"13CF20C8-4DA9-4A21-AD13-7A5C22E5FB05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.18.15\",\"matchCriteriaId\":\"EAD6B571-194C-43A2-A4AB-F68F869D13BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8C30C2D-F82D-4D37-AB48-D76ABFBD5377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF8547FC-C849-4F1B-804B-A93AE2F04A92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3068028-F453-4A1C-B80F-3F5609ACEF60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E9C0DB0-D349-489F-A3D6-B77214E93A8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A0DE3B7-0FFB-45AA-9BD6-19870CA7C6FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"00AE778B-BAEE-49EB-9F84-003B73D7862A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.19:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"C178431E-AD82-4B3D-B70F-A273A02ABD5D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/18043da94c023f3ef09c15017bdb04e8f695ef10\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/665cbe91de2f7c97c51ca8fce39aae26477c1948\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8ff4f9df73e5c551a72ee6034886c17e8de6596d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a8569f76df7ec5b4b51155c57523a0b356db5741\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/d7241f679a59cfe27f92cb5c6272cb429fb1f7ec\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fe4473fc7940f14c4a12db873b9729134c212654\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.